diff options
Diffstat (limited to 'sandbox/lresende/sca-1.x/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml')
| -rw-r--r-- | sandbox/lresende/sca-1.x/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/sandbox/lresende/sca-1.x/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml b/sandbox/lresende/sca-1.x/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml new file mode 100644 index 0000000000..705010bf7c --- /dev/null +++ b/sandbox/lresende/sca-1.x/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml @@ -0,0 +1,73 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<web:web-app + xmlns:app="http://geronimo.apache.org/xml/ns/j2ee/application-2.0" + xmlns:client="http://geronimo.apache.org/xml/ns/j2ee/application-client-2.0" + xmlns:conn="http://geronimo.apache.org/xml/ns/j2ee/connector-1.2" + xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2" + xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig-2.0" + xmlns:ejb="http://openejb.apache.org/xml/ns/openejb-jar-2.2" + xmlns:name="http://geronimo.apache.org/xml/ns/naming-1.2" + xmlns:pers="http://java.sun.com/xml/ns/persistence" + xmlns:pkgen="http://openejb.apache.org/xml/ns/pkgen-2.1" + xmlns:sec="http://geronimo.apache.org/xml/ns/security-2.0" + xmlns:web="http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"> + <dep:environment> + <dep:moduleId> + <dep:groupId>org.apache.tuscany</dep:groupId> + <dep:artifactId>sample-store-secure-webapp</dep:artifactId> + <dep:version>1.0</dep:version> + <dep:type>car</dep:type> + </dep:moduleId> + <!-- TUSCANY-2622 --> + <dep:hidden-classes> + <dep:filter>org.apache.axiom</dep:filter> + <dep:filter>org.apache.axis2</dep:filter> + <dep:filter>org.apache.commons</dep:filter> + <dep:filter>org.jdom</dep:filter> + </dep:hidden-classes> + </dep:environment> + + <web:context-root>/sample-store-secure-webapp</web:context-root> + + <web:security-realm-name>ldap-realm</web:security-realm-name> + <sec:security> + <sec:role-mappings> + <!-- + <sec:role role-name="manager"> + <sec:principal name="lmanager" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" /> + </sec:role> + <sec:role role-name="user"> + <sec:principal name="lresende" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" /> + </sec:role> + --> + <sec:role role-name="manager"> + <sec:principal name="managers" class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" designated-run-as="true"/> + </sec:role> + </sec:role-mappings> + </sec:security> + + <dep:gbean name="ldap-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm"> + <dep:attribute name="realmName">ldap-realm</dep:attribute> + <dep:xml-reference name="LoginModuleConfiguration"> + <lc:login-config> + <lc:login-module control-flag="REQUIRED" wrap-principals="false"> + <lc:login-domain-name>ldap-realm</lc:login-domain-name> + <lc:login-module-class>org.apache.geronimo.security.realm.providers.LDAPLoginModule</lc:login-module-class> + <!-- lc:option name="users">foo,bar</lc:option--> + <lc:option name="initialContextFactory">com.sun.jndi.ldap.LdapCtxFactory</lc:option> + <lc:option name="connectionURL">ldap://dpev007.innovate.ibm.com:389</lc:option> + <lc:option name="connectionUsername">cn=ldaproot,dc=tnc,dc=org</lc:option> + <lc:option name="connectionPassword">ldappass</lc:option> + <lc:option name="authentication">simple</lc:option> + <lc:option name="userBase">ou=people,dc=tnc,dc=org</lc:option> + <lc:option name="userSearchMatching">uid={0}</lc:option> + <lc:option name="userSearchSubtree">false</lc:option> + <lc:option name="roleBase">ou=groups,dc=tnc,dc=org</lc:option> + <lc:option name="roleName">cn</lc:option> + <lc:option name="roleSearchMatching">(member={0})</lc:option> + <lc:option name="roleSearchSubtree">false</lc:option> + </lc:login-module> + </lc:login-config> + </dep:xml-reference> + </dep:gbean> +</web:web-app> |